SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2013-03-16 19:36:54

quim
New Member
From: Portugal
Registered: 2013-03-16
Posts: 1

Changing ptrace default value for debugging child processes

Hi guys! First timer here, both on Crunchbang and the forum.

I need help in allowing gdb to debug a child process created with the fork command. The idea is to have 2 terminal with gdb, one running the parent process and the other one running the child. When I launch gdb using the PID of the child process it says: "ptrace: Operation not permitted". Also tried the attach command, same thing.

From what I could find there is a solution in Ubuntu, which is to change the value of the file /proc/sys/kernel/yama/ptrace_scope from 1 to 0. The problem is I can't find such a file or variable in Crunchbang.

My system info (I don't if that's enough, if not let me know wink ):

Linux crunchbang 3.2.0-4-686-pae #1 SMP Debian 3.2.35-2 i686 GNU/Linux

Any ideas?
Thanks in advance!
PS: English isn't my native language, so corrections are welcome! wink

Offline

Help fund CrunchBang, donate to the project!

#2 2013-03-17 09:54:28

xaos52
The Good Doctor
From: Planet of the @s
Registered: 2011-06-24
Posts: 4,602

Re: Changing ptrace default value for debugging child processes

       PR_SET_PTRACER (since Linux 3.4)
              This is only meaningful when the Yama LSM is enabled and in mode 1
              ("restricted ptrace", visible via
              /proc/sys/kernel/yama/ptrace_scope).  When a "ptracer process ID" is
              passed in arg2, the caller is declaring that the ptracer process can
              ptrace(2) the calling process as if it were a direct process
              ancestor.  Each PR_SET_PTRACER operation replaces the previous
              "ptracer process ID".  Employing PR_SET_PTRACER with arg2 set to 0
              clears the caller's "ptracer process ID".  If arg2 is
              PR_SET_PTRACER_ANY, the ptrace restrictions introduced by Yama are
              effectively disabled for the calling process.

              For further information, see the kernel source file
              Documentation/security/Yama.txt.

Seems like you need a more recent kernel for that.

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.

Debian Logo